package com.authenticateCenter.controller;

import com.authenticateCenter.service.IAuthorityService;
import com.authenticateCenter.service.IRoleAuthorityService;
import com.authenticateCenter.service.IRoleService;
import com.authenticateCenter.service.authority.UserAuthorizeService;
import com.common.result.ResponseResultAdvice;
import com.security.domain.authority.CommonRole;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletResponse;
import java.util.List;

/**
 * @author 大忽悠
 * @create 2022/9/24 20:02
 */
@Validated
@RestController
@RequestMapping("/authenticate")
@RequiredArgsConstructor
@ResponseResultAdvice
@Api(tags = "认证管理")
public class AuthenticateController {
    private final UserAuthorizeService userAuthorizeService;
    private final IAuthorityService iAuthorityService;
    private final IRoleService iRoleService;
    private final IRoleAuthorityService iRoleAuthorityService;

    @ApiOperation("生成token")
    @ApiResponse(message = "如果用户在认证中心不存在,那么返回null",code = 200)
    @PostMapping("token")
    public String generatorToken(@RequestParam("id") Integer id, @RequestParam("name") String name) {
        return userAuthorizeService.generatorToken(id,name);
    }

    /**
     * 认证成功会返回当前用户具备的权限信息,这里面会过滤掉那些被禁用了的权限
     */
    @ApiOperation("认证token")
    @ApiResponse(message = "认证失败返回null,成功返回UserDetails,并且刷新后的token放在响应头中返回",code = 200)
    @PostMapping("verify")
    public UserDetails verifyToken(@RequestParam("token")String token, HttpServletResponse response){
        return userAuthorizeService.verifyToken(token,response);
    }

    /**
     * 获取访问当前url需要具备的权限,这里就没有关于禁用权限的问题,禁用是针对用户具备权限而言
     */
    @ApiOperation("返回访问指定URL需要具备的角色列表")
    @PostMapping("/listRolesOfRequestUrl")
    public List<CommonRole> getRolesOfRequestUrl(@RequestParam("url")String requestUrl){
        return userAuthorizeService.getRolesOfRequestUrl(requestUrl,iAuthorityService,iRoleService,iRoleAuthorityService);
    }
}
